So, how secure are the "wallets" that TradeHill, Mt.Gox and other trading sites use?

If their servers crash - like if my laptop HD crashes where my wallet is - does that mean bye2 to all them BTCs?

My understanding is yes, you'd lose everything if your account is compromised, and yes if the site when down you'd lose access to the wallet for that time.

As far as I can tell, I don't think they give you a "wallet" exactly, instead they give you access to your funds in their system. Effectively they act as your bank, but without interest (unless you count market fluctuation). But if you trust them you could certainly keep your funds there, then transfer bitcoins to your everyday account for spending cash. Kind of like visiting an ATM.

BOUNTY PORTALS

BLOG

WHEREBOUNTY MANAGEMENT

MEETSAUTOMATION

SIGNATURE CAMPAIGNS

TWITTER

FACEBOOK

MEDIA CAMPAIGNS

AND MORE!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.

So, how secure are the "wallets" that TradeHill, Mt.Gox and other trading sites use?

If their servers crash - like if my laptop HD crashes where my wallet is - does that mean bye2 to all them BTCs?

My understanding is yes, you'd lose everything if your account is compromised, and yes if the site when down you'd lose access to the wallet for that time.

As far as I can tell, I don't think they give you a "wallet" exactly, instead they give you access to your funds in their system. Effectively they act as your bank, but without interest (unless you count market fluctuation). But if you trust them you could certainly keep your funds there, then transfer bitcoins to your everyday account for spending cash. Kind of like visiting an ATM.

I c.

Well the reason I am concerned is I travel with my laptop and I am worried about the TSA goons groping more than just my private parts!

Hey guys, I've got a question for you. How big is the block chain going to get? I ask because I want to make sure the usb drive I use is actually large enough to encrypt an entire client indefinitely. So I know that as blocks get very old they're no longer saved, but aren't the new blocks larger than the old blocks? Meaning, won't the size of a full install always increase?

Or then there's the other option, of just using a 8 or 16 GB drive and using it as a full OS+bitcoin client.

So I take it you could have two or more of these usb drives (even full OS+bitcoin client as you say) and if one of them craps you dont lose your BTCs?

Not all all, actually that's why security is such a big deal. "Wallet" is a bit of a misnomer, it's really more like a key to your online wallet. Anyone who has access to your bitcoin wallet has full access to your account, even if it's just a copy (just like if someone had a copy of your vault key). That's why it's so important to make multiple copies, just make sure they're always encrypted, so only you can access those multiple copies.

Well the reason I am concerned is I travel with my laptop and I am worried about the TSA goons groping more than just my private parts!

Hah, well I trust Mt Gox way more than the TSA. Actually truth be told, after Mt Gox's reaction the their security breach and their response to the public, I really do think they're pretty trustworthy these days. Hell, Sony was never that forthcoming, really very few companies seem to be willing to both take security seriously and tell the truth to the customers.

Well the reason I am concerned is I travel with my laptop and I am worried about the TSA goons groping more than just my private parts!

Hah, well I trust Mt Gox way more than the TSA. Actually truth be told, after Mt Gox's reaction the their security breach and their response to the public, I really do think they're pretty trustworthy these days. Hell, Sony was never that forthcoming, really very few companies seem to be willing to both take security seriously and tell the truth to the customers.

Well let's hope MtGox is telling the truth. As I said in another post MtGox will probably have 100x more problems with the Japanese goons who enforce FRN (so called "USD") currency law (the so called "Legal Tender Law" http://www.truthsetsusfree.com/HJR192.htm ) than with the actual hack.

Careful what version of Bitcoin you use! Some versions will display multiple addresses but the private keys won't be made till you do a transaction and have it open for a while!!! Someone did something similar, where they sent some to the first address as a test then saw it worked then send the rest to the second address. Deleted everything only to go back and see that he lost his BTC!!

Which version? Can you elaborate. This sounds stupid, why would anyone program something like that??

Careful what version of Bitcoin you use! Some versions will display multiple addresses but the private keys won't be made till you do a transaction and have it open for a while!!! Someone did something similar, where they sent some to the first address as a test then saw it worked then send the rest to the second address. Deleted everything only to go back and see that he lost his BTC!!

Bitlotto are you talking nonsense, misunderstood the use case, or trolling?

There was a time when keypool=100 was not default and so restoring from backup would loose the change and receipts since backup. But that is no longer the case (and was fixed by Satoshi long ago). If you insist there was EVER a version that presented an address (a hash of a key) before creating and storing the private key, I would like to see the source code in the git repository.

Instead of booting a live cd, you could also mount a ramdisk (or make a folder in /dev/shm) and create a symlink from it to ~/.bitcoin, then create your wallet, addresses, backup etc.. This, of course, assuming you're already running some Linux distribution. Then the files will only have ever resided in RAM; unmount the ramdisk (or delete the folder you created in /dev/shm), and the symlink to it, and it'll be almost as if the files were never there.

Just don't forget to make the backup, since otherwise--because it is in RAM--once you shut down it'll be gone forever.

Instead of booting a live cd, you could also mount a ramdisk (or make a folder in /dev/shm) and create a symlink from it to ~/.bitcoin, then create your wallet, addresses, backup etc.. This, of course, assuming you're already running some Linux distribution. Then the files will only have ever resided in RAM; unmount the ramdisk (or delete the folder you created in /dev/shm), and the symlink to it, and it'll be almost as if the files were never there.

Just don't forget to make the backup, since otherwise--because it is in RAM--once you shut down it'll be gone forever.

Why? Until you put any bitcoins into it, the wallet is worthless, so losing it won't be a problem. It's no different from the livecd approach, except that instead of running a whole OS in RAM, you're just storing a folder in RAM.

If you ever need to use the wallet, just keep a copy on whatever medium you used to back it up, and copy it back to your ramdisk. where you make whatever changes you need to make. I don't know if you even need to overwrite the old copy with the changed one, since all the transactions are tracked/confirmed by the network.

Edit: If you thought I was suggesting not to keep a back-up on a physical medium, that is definitely not what I was saying. It's always a good idea to keep a back-up. Thought I'd clear that up, just in case.

Careful what version of Bitcoin you use! Some versions will display multiple addresses but the private keys won't be made till you do a transaction and have it open for a while!!! Someone did something similar, where they sent some to the first address as a test then saw it worked then send the rest to the second address. Deleted everything only to go back and see that he lost his BTC!!

Bitlotto are you talking nonsense, misunderstood the use case, or trolling?

There was a time when keypool=100 was not default and so restoring from backup would loose the change and receipts since backup. But that is no longer the case (and was fixed by Satoshi long ago). If you insist there was EVER a version that presented an address (a hash of a key) before creating and storing the private key, I would like to see the source code in the git repository.

Ya sorry. I was talking about what you are linking to. I thought the addresses were showing for some reason. I see now that they just had one address showing. THEN created the other ones after. Sorry. I'd never troll! I thought that's what happened...

Great guide.i agree with notion to encrypt walet.dat when storing it.also the length of password is critical. so mare at least 13 character pw that includes letters numbers and special chars. if you think that is too difficult to remmember - it is cryptologically as safe if your pwis like this: SoM3pW55$$$$$ as long as it is a secret which char was repeated at end....